:: Re: [Dng] system scriptinng languag…
Góra strony
Delete this message
Reply to this message
Autor: Matteo Panella
Data:  
Dla: dng
Temat: Re: [Dng] system scriptinng language.
On 07/12/2014 02:12, Teodoro Santoni wrote:
> This is a problem if you have to deal with black boxes and with non-Unix
> software, that is, your programs use memory as IPC bus.


No, no, no, I'm not talking about shmem and IPC, I'm talking about *code
page sharing*, which is only possible for dynamically linked
executables. Different Go binaries "linking" the same versions of their
"libraries" will never *ever* share code pages for the "libraries", even
though the content is the same.

(no, not even with KSM enabled: KSM does *not* work on pagecache pages
by design)

> grsecurity solves this issue for Linux, randomizing the address space during
> loading


... except that it only works for dynamically linked binaries.
Statically linked binaries coalesce all executable code into a single
contiguous memory area at build time and maps it to a single LOAD
program header with the RE bits set, so the kernel cannot randomize
anything.

(ok, not really: it can play with the base address for LOAD program
headers, but that does *not* change the overall layout of executable
pages - again, it's set in stone by the compiler, if you want full ASLR
you need dynamic linking and binaries built as PIE, neither of which is
possible with Go)

Regards,
--
Matteo Panella